WiX Projects vs. TFS 2010 Team Build
As I mentioned before, I'm in the process of moving my life over to TFS 2010 Beta 2. I'm using the excellent WiX 3.5 Beta that plugs into Visual Studio 2010 to create my setup and I had a developer build working like a dream. Things got a little more exciting when I created my first build definition and let the build fly on the build server.
The build failed with errors like the following:
light.exe: Error executing ICE action 'ICE01'. The most common cause of this kind of ICE failure is an incorrectly registered scripting engine. See http://wix.sourceforge.net/faq.html#Error217 for details and how to solve this problem. The following string format was not expected by the external UI message logger: "The Windows Installer Service could not be accessed. This can occur if you are running Windows in safe mode, or if the Windows Installer is not correctly installed. Contact your support personnel for assistance.".
The first eight Internal Consistency Evaluators (ICE) failed and ICE8 was the most unhappy of all:
light.exe: An unexpected Win32 exception with error code 0x643 occurred: Action - 'ICE08' Fatal error during installation
I had installed TFS Build on my build server using the defaults, which uses NT AUTHORITY\NETWORK SERVICE as the account for running the build controller and agent. Switching the controller over to an interactive controller/agent combo using a domain account, everything worked great. However, if I used that same domain account and ran the controller/agent as a service, I got the ICE failures.
After a night's sleep, I played around some more and stumbled into a work around. In order for the .WiXProj files to compile, the account running the build controller/agent must be in the local machine's administrator group. I found that any domain or computer account works fine for the builds. You can also use NT AUTHORITY\NETWORK SERVICE, but you have to add it to local machine administrator group. Since you can't do that through the computer manager, he's the command line way to make the addition:
net localgroup "Administrators" "NT Authority\Network Service" /add
No amount of google-fu turned up anything about the permissions issues with ICEs so I hope this saves you some hassles when you set up your own TFS 2010 Build Servers.